<?php
include_once 'checkLogin.php';
include_once 'conn.php';
$id = $_GET['id'] ?? '';
if (!is_numeric($id) || $id == '') {
    echo "<script>window.parent.showMsg('参数错误');history.back();</script>";
    exit;
}
//判断验证码是否正确
$code = trim($_GET['code']);
if (strtolower($_SESSION['captcha']) == strtolower($code) and !empty($code)) {
    $_SESSION['captcha'] = '';
} else {
    $_SESSION['captcha'] = '';
    echo "<script>window.parent.showMsg('验证码错误');history.back();</script>";
    exit;
}
//投票条件判断
//第1个条件：一个人一天只能给一辆车最多投5票
/*$sql = "select 1 from votedetail where userID = " . $_SESSION['loggedUserID'] . " and carID = $id and voteTime = '" . date("Y-m-d") . "'";
$result = mysqli_query($conn, $sql);
$num = mysqli_num_rows($result);
if ($num == 5) {
    //说明当前用户给当前车辆已经投过5票了
    echo "<script>alert('当前用户给当前车辆已经投过5票了');history.back();</script>";
    exit;
}*/
//第2种方法
$sql = "select count(1) as num from votedetail where userID = " . $_SESSION['loggedUserID'] . " and carID = $id and date(voteTime) = '" . date("Y-m-d") . "'";
$result = mysqli_query($conn, $sql);
$info = mysqli_fetch_array($result);
if ($info['num'] == 5) {
    //说明当前用户给当前车辆已经投过5票了
    echo "<script>window.parent.showMsg('当前用户给当前车辆已经投过5票了');history.back();</script>";
    exit;
}
//第2个条件
//要求一人一天最多可以给三辆车投票
$sql = "select carID from votedetail where userID = " . $_SESSION['loggedUserID'] . " and date(voteTime) = '" . date("Y-m-d") . "' and carID <> $id group by carID";
$result = mysqli_query($conn, $sql);
$num = mysqli_num_rows($result);
if ($num >= 3) {  //排除当前投票车辆以后，还发现已经给三辆车投过票了，则说明当前是第4辆车，无法投票。
    echo "<script>window.parent.showMsg('每人每天最多只能给三辆车投票');history.back();</script>";
    exit;
}
//第3个条件
//两次投票之间要求间隔60s以上。
$sql = "select UNIX_TIMESTAMP(voteTime) as voteTime from votedetail where userID = " . $_SESSION['loggedUserID'] . " order by id desc limit 0,1";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result)) {
    //说明此用户曾经投过票
    $info = mysqli_fetch_array($result);
    if (time() - $info['voteTime'] <= 60) {
        //说明投票间隔未超过60s，不可以投票
        echo "<script>window.parent.showMsg('两次投票之间，必须间隔1分钟。');history.back();</script>";
        exit;
    }
}
//第4个条件
//IP投票限制。限制一个IP一天只能投15票
$sql = "select id from votedetail where date(voteTime) = CURRENT_DATE() and ip = '" . getIp() . "'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) >= 15) {
    //说明当前IP地址已经投过15票了
    echo "<script>window.parent.showMsg('一个IP地址一天之内最多只能投15票。');history.back();</script>";
    exit;
}
//投票实现
//第1步操作，更新carnum
$sql1 = "update carinfo set carnum = carNum + 1 where id = $id";
//第2步操作，更新votedteail表
$sql2 = "insert into votedetail (userID, carID, voteTime, ip) VALUES ('" . $_SESSION['loggedUserID'] . "','$id','" . date("Y-m-d H:i:s") . "','" . getIp() . "')";
//引入事务机制
mysqli_autocommit($conn, 0); //取消自动提交
$result1 = mysqli_query($conn, $sql1);
//echo "1:".mysqli_error($conn);
$result2 = mysqli_query($conn, $sql2);
//echo "2:".mysqli_error($conn);
if ($result1 and $result2) {
    mysqli_commit($conn);//提交操作
    echo "<script>window.parent.vote('投票成功',1);</script>";
} else {
    mysqli_rollback($conn);
    echo "<script>window.parent.vote('投票失败',0);</script>";
}
function getIp()
{
    if ($_SERVER["HTTP_CLIENT_IP"] && strcasecmp($_SERVER["HTTP_CLIENT_IP"], "unknown")) {
        $ip = $_SERVER["HTTP_CLIENT_IP"];
    } else {
        if ($_SERVER["HTTP_X_FORWARDED_FOR"] && strcasecmp($_SERVER["HTTP_X_FORWARDED_FOR"], "unknown")) {
            $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
        } else {
            if ($_SERVER["REMOTE_ADDR"] && strcasecmp($_SERVER["REMOTE_ADDR"], "unknown")) {
                $ip = $_SERVER["REMOTE_ADDR"];
            } else {
                if (isset ($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'],
                        "unknown")
                ) {
                    $ip = $_SERVER['REMOTE_ADDR'];
                } else {
                    $ip = "unknown";
                }
            }
        }
    }
    return ($ip);
}
